RESOLVED FIXED Bug 199018
[GTK] fast/mediastream/RTCPeerConnection-add-removeTrack.html is crashing 
https://bugs.webkit.org/show_bug.cgi?id=199018
Summary [GTK] fast/mediastream/RTCPeerConnection-add-removeTrack.html is crashing
Alicia Boya García
Reported 2019-06-19 11:03:12 PDT
fast/mediastream/RTCPeerConnection-add-removeTrack.html Crashing since r246053:r246056 It seems the string is too long: String String::fromUTF8(const LChar* stringStart, size_t length) { if (length > MaxLength) CRASH(); Thread 1 (Thread 0x7f27550be9c0 (LWP 36070)): #0 WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:305 #1 0x00007f275ec97969 in WTF::String::fromUTF8(unsigned char const*, unsigned long) (stringStart="", length=139807294951298) at ../../Source/WTF/wtf/text/WTFString.cpp:846 #2 0x00007f276b014acb in WTF::String::fromUTF8(char const*, unsigned long) (characters=0x7fff1b898c00 "", length=139807294951298) at DerivedSources/ForwardingHeaders/wtf/text/WTFString.h:349 #3 0x00007f276ddbccdd in WebCore::fromStdString(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) (value='\000' <repeats 24 times>, "\202\017'l'\177\000\000P\214\211\033\377\177\000\000\313J\001k'\177\000\000P\214\211\033\377\177\000\000\202\017'l'\177\000\000\000\214\211\033\377\177\000\000@\215\211\033\377\177\000\000\200\214\211\033\377\177\000\000\335\314\333m'\177\000\000\240\214\211\033\377\177\000\000@\215\211\033\377\177\000\000\275Ѳk'\177\000\000\275Ѳk'\177\000\000\340\214\211\033\377\177\000\000\205\310\333m'\177\000\000\240\225\022b&\177\000\000@\215\211\033\377\177\000\000\000\214\211\033\377\177\000\000\202\017'l'\177\000\000\000\000\000\000\000\000\000\000\240\063\000\354&\177\000\000\340\214\211\033\377\177\000\000"...) at ../../Source/WebCore/Modules/mediastream/libwebrtc/LibWebRTCUtils.h:57 #4 0x00007f276ddbc885 in WebCore::LibWebRTCRtpTransceiverBackend::mid() (this=0x7f26621295a0) at ../../Source/WebCore/Modules/mediastream/libwebrtc/LibWebRTCRtpTransceiverBackend.cpp:67 #5 0x00007f276c26e4aa in WebCore::RTCRtpTransceiver::mid() const (this=0x7f26ec003360) at ../../Source/WebCore/Modules/mediastream/RTCRtpTransceiver.cpp:55 #6 0x00007f276bb2d190 in WebCore::jsRTCRtpTransceiverMidGetter (state=..., thisObject=..., throwScope=...) at DerivedSources/WebCore/JSRTCRtpTransceiver.cpp:217 #7 0x00007f276bb4c95a in WebCore::IDLAttribute<WebCore::JSRTCRtpTransceiver>::get<WebCore::jsRTCRtpTransceiverMidGetter, (WebCore::CastedThisErrorBehavior)3> (state=..., thisValue=139805210572384, attributeName=0x7f276f989bda "mid") at ../../Source/WebCore/bindings/js/JSDOMAttribute.h:69 #8 0x00007f276bb2d1eb in WebCore::jsRTCRtpTransceiverMid(JSC::ExecState*, long, JSC::PropertyName) (state=0x7fff1b8991f0, thisValue=139805210572384) at DerivedSources/WebCore/JSRTCRtpTransceiver.cpp:223 #9 0x00007f275e9350c9 in JSC::PropertySlot::customGetter(JSC::ExecState*, JSC::PropertyName) const (this=0x7fff1b899040, exec=0x7fff1b8991f0, propertyName=...) at ../../Source/JavaScriptCore/runtime/PropertySlot.cpp:50 #10 0x00007f276b38f1c0 in JSC::PropertySlot::getValue(JSC::ExecState*, JSC::PropertyName) const (this=0x7fff1b899040, exec=0x7fff1b8991f0, propertyName=...) at DerivedSources/ForwardingHeaders/JavaScriptCore/PropertySlot.h:414 #11 0x00007f276c5acb83 in JSC::JSValue::get(JSC::ExecState*, JSC::PropertyName, JSC::PropertySlot&) const (this=0x7fff1b899088, exec=0x7fff1b8991f0, propertyName=..., slot=...) at DerivedSources/ForwardingHeaders/JavaScriptCore/JSCJSValueInlines.h:873 #12 0x00007f275e5de21a in JSC::LLInt::llint_slow_path_get_by_id (exec=0x7fff1b8991f0, pc=0x7f266211c33c) at ../../Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:762 #13 0x00007f275e5c75ce in llint_op_get_by_id () from /home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18 #14 0x0000000000000000 in ?? ()
Attachments
Patch (1.61 KB, patch)
2019-07-11 07:42 PDT, Thibault Saunier 		no flags
DetailsFormatted DiffDiff
Patch (1.56 KB, patch)
2019-08-09 12:45 PDT, Thibault Saunier 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Thibault Saunier
Comment 1 2019-07-11 07:42:22 PDT
Created attachment 373922 [details] Patch
Carlos Alberto Lopez Perez
Comment 2 2019-07-11 08:11:54 PDT
Comment on attachment 373922 [details] Patch This is a gardening patch. It doesn't need review. Simply change the "Reviewed by NOBODY (OOPS!)." by something that contains the word "unreviewed" Like "Unreviewed gardening patch" and commit it directly (if you are committer) or ask any comitter to just set the cq+ flag
Thibault Saunier
Comment 3 2019-08-09 12:45:29 PDT
Created attachment 375943 [details] Patch
WebKit Commit Bot
Comment 4 2019-08-09 14:57:32 PDT
Comment on attachment 375943 [details] Patch Clearing flags on attachment: 375943 Committed r248479: <https://trac.webkit.org/changeset/248479>
WebKit Commit Bot
Comment 5 2019-08-09 14:57:34 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.